* The Business of Software

A former community discussing the business of software, from the smallest shareware operation to Microsoft. A part of Joel on Software.

We're closed, folks!

Links:

» Business of Software FAQ
» The Business of Software Conference (held every fall, usually in Boston)
» Forum guidelines (Please read before posting!)

Moderators:

Andy Brice
Successful Software

Doug Nebeker ("Doug")

Jonathan Matthews
Creator of DeepTrawl, CloudTrawl, and LeapDoc

Nicholas Hebb
BreezeTree Software

Bob Walsh
host, Startup Success Podcast author of The Web Startup Success Guide and Micro-ISV: From Vision To Reality

Patrick McKenzie
Bingo Card Creator

Found this, tought might help others.  Saas startup kit for .net

Sometime ago I remember someone asked for a .net based version of the ruby saas kit

here is a .net one I found.
Might be a helpful starting point for those who want to do .net

I have not used this.  I rolled my own membership system, but if you have success with this, or have used this before, please post a reply.

http://yatendra.github.io/saasapp/
NewGuyOnTheBlock Send private email
Sunday, March 02, 2014
 
 
SaasApp looks nice, but little documentation. ;)
How to create sub-domains, for example? :(
Alex Vasilevsky Send private email
Sunday, March 02, 2014
 
 
As with everything, dig deep into the implementation before blindly using it. In this case the framework is using SHA1-salted hashes for the passwords. That's not the worst choice in the world (it's no md5!), but in 2014, it's a pretty bad choice.

Better password hashing choices:

1. PBKDF2. It's very mature, it's well tested, and there are many implementations in different languages. Choose a decent work factor and you're set.

2. bcrypt. It's mature, it's well tested, and there are a handful of implementations in different languages. Choose a decent work factor and you're set.

3. scrypt. It's still young and not "field tested" enough to be trusted -- although that's my personal opinion. Others will disagree with that opinion. (I'm hopeful of scrypt, or I wouldn't have mentioned it). There's only a handful of implementations. Choose a decent work factor and you're set.
Wyatt O'Day Send private email
Sunday, March 02, 2014
 
 
Source code say "2 years ago" on https://github.com/yatendra/saasapp and "SaasApp Company 2011" on https://github.com/yatendra/saasapp/wiki/Configuration
Alex Vasilevsky Send private email
Sunday, March 02, 2014
 
 

This topic is archived. No further replies will be accepted.

Other recent topics Other recent topics
 
Powered by FogBugz